50,000 sites hacked through WordPress plug-in vulnerability

If you’re using hugely popular plugins on your WordPress installation, it’s imperative that you keep your installation up to date. That means checking it daily or even multiple times a day.

When a plugin, such as the MailPoet Newsletter, reaches a certain download threshold, it quickly becomes a target for attackers. Once an exploit is crafted, attackers can quickly turn thousands of websites into their slaves.

“The backdoor is very nasty and creates an admin user called 1001001,” the Sucuri security researchers said Wednesday in a blog post. “It also injects a backdoor code to all theme/core files. The biggest issue with this injection is that it often overwrites good files, making it very hard to recover without a good backup in place.”
(PC World, 24 July 2014)
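
An added example, not from the original post or from Sucuri: a small audit of a site's administrator accounts that flags the `1001001` login named in the quote, plus any admin the owner does not expect. It assumes the input is the CSV printed by WP-CLI's `wp user list --role=administrator --fields=ID,user_login,user_registered --format=csv`; the sample rows, the allowlist and the known-good date are constructed for illustration.

```python
import csv
import io
from datetime import datetime

# Login named in the Sucuri quote above.
IOC_LOGINS = {"1001001"}

# Constructed sample of the output of:
#   wp user list --role=administrator --fields=ID,user_login,user_registered --format=csv
SAMPLE_CSV = """ID,user_login,user_registered
1,siteowner,2012-03-04 10:15:00
7,editor-jane,2013-11-20 08:02:41
42,1001001,2014-07-21 03:14:07
43,support_tmp,2014-07-22 23:50:12
"""

def audit_admins(csv_text, allowlist, not_after):
    """Return {login: [reasons]} for administrator accounts needing review.

    allowlist -- logins the site owner expects to be admins (assumed input)
    not_after -- datetime of the last known-good admin list (assumed input);
                 admins registered later, or with an unparsable date, are flagged
    """
    findings = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        login = row["user_login"].strip()
        try:
            registered = datetime.strptime(row["user_registered"], "%Y-%m-%d %H:%M:%S")
        except ValueError:  # e.g. a zeroed date column
            registered = None
        reasons = []
        if login in IOC_LOGINS:
            reasons.append("matches reported backdoor admin login")
        if login not in allowlist:
            reasons.append("not on expected-admin allowlist")
        if registered is None or registered > not_after:
            reasons.append("registration date missing or after last known-good date")
        if reasons:
            findings[login] = reasons
    return findings

if __name__ == "__main__":
    expected = {"siteowner", "editor-jane"}
    baseline = datetime(2014, 7, 1)
    for login, reasons in audit_admins(SAMPLE_CSV, expected, baseline).items():
        print(f"REVIEW {login}: {'; '.join(reasons)}")
```

This covers only the rogue-admin half of the quote; the overwritten theme/core files are a separate check, for which WP-CLI provides `wp core verify-checksums`.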

WordPress often gets the blame for being insecure; however, it’s the third-party plugins that are installed and do not get regular updates that create such huge security breaches.